Because SMB signing is not enabled by default on domain members. You have to enable it in GPO to resolve the vulnerability: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always and https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always
SMB Signing not required vulnerability
Fahrid F
196
Reputation points
Hi All,
We are seeing SMB Signing not required vulnerability in our domain joined servers, but this vulnerability is not reported in our ADDS server. could you please let me know why vulnerability is not appeared in ADDS but appearing in domain joined servers.
Thanks
Accepted answer
1 additional answer
Sort by: Most helpful
-
Vicky Wang 2,646 Reputation points
2020-09-14T07:38:05.763+00:00 Hi,
Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.
Best Regards,
Vicky